tests/phpunit/maintenance/ChangePasswordTest.php

   1 <?php
   2
   3 namespace MediaWiki\Tests\Maintenance;
   4
   5 use ChangePassword;
   6 use MediaWiki\Maintenance\MaintenanceFatalError;
   7 use MediaWiki\Password\PasswordFactory;
   8
   9 /**
  10  * @covers \ChangePassword
  11  * @group Database
  12  * @author Dreamy Jazz
  13  */
  14 class ChangePasswordTest extends MaintenanceBaseTestCase {
  15
  16         protected function getMaintenanceClass() {
  17                 return ChangePassword::class;
  18         }
  19
  20         public function testExecuteWithoutProvidedUserOrUserId() {
  21                 $this->maintenance->setOption( 'password', 'abc' );
  22                 $this->expectCallToFatalError();
  23                 $this->expectOutputRegex( '/A "user" or "userid" must be set to change the password for/' );
  24                 $this->maintenance->execute();
  25         }
  26
  27         public function testExecuteForTooShortPassword() {
  28                 $testUser = $this->getTestUser()->getUserIdentity();
  29                 // Get the current password for the user, and assert later that it does not change
  30                 $oldPasswordHash = $this->newSelectQueryBuilder()
  31                         ->select( 'user_password' )
  32                         ->from( 'user' )
  33                         ->where( [ 'user_id' => $testUser->getId() ] )
  34                         ->fetchField();
  35                 // Use a password which is too short and common, so will fail to be set
  36                 $this->maintenance->setOption( 'password', 'abc' );
  37                 $this->maintenance->setOption( 'userid', $testUser->getId() );
  38                 // Run the maintenance script in a try block, because we want to do assertions that can only be run after
  39                 // we have called execute.
  40                 $threwFatalError = false;
  41                 try {
  42                         $this->maintenance->execute();
  43                 } catch ( MaintenanceFatalError $e ) {
  44                         $threwFatalError = true;
  45                 }
  46                 $this->assertTrue( $threwFatalError );
  47                 // Check that the password hash has not changed.
  48                 $this->newSelectQueryBuilder()
  49                         ->select( 'user_password' )
  50                         ->from( 'user' )
  51                         ->where( [ 'user_id' => $testUser->getId() ] )
  52                         ->assertFieldValue( $oldPasswordHash );
  53                 $this->expectOutputRegex( '/Error: Passwords must be at least.*characters/' );
  54         }
  55
  56         public function testExecute() {
  57                 $testUser = $this->getTestUser()->getUserIdentity();
  58                 $newPasswordPlaintext = PasswordFactory::generateRandomPasswordString();
  59                 $this->maintenance->setOption( 'password', $newPasswordPlaintext );
  60                 $this->maintenance->setOption( 'userid', $testUser->getId() );
  61                 $this->maintenance->execute();
  62                 // Check that the password hash has not changed.
  63                 $newPasswordHash = $this->newSelectQueryBuilder()
  64                         ->select( 'user_password' )
  65                         ->from( 'user' )
  66                         ->where( [ 'user_id' => $testUser->getId() ] )
  67                         ->fetchField();
  68                 $password = $this->getServiceContainer()->getPasswordFactory()->newFromCiphertext( $newPasswordHash );
  69                 $this->assertTrue( $password->verify( $newPasswordPlaintext ) );
  70         }
  71 }